If someone comes to your site with a non-secure link it will not render as secure. You can add a couple lines to your htaccess that will force a secure connection. After the “RewriteEngine On” line, put the following 2 lines. Be sure to change “example” to your domain.

To harden an old WordPress site, the first thing I did was change the table prefix to something other than wp_

But that somehow turned every user from admin to subscriber, now I was locked out. And when I tried to login, it redirected me to the homepage, not the wp-admin section. Here’s what I did:

First, grab this script, put it into a php file named, force-upgrade.php , by Mark Jaquith and upload it to the same directory as your wp-config file. Then visit that directory/force-upgrade.php It will prompt you to run the script. “Hopefully that does the trick.” – But you still need to change your permission via phpMyAdmin, skip past this script to do that.